65.49.20.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
proxy	VPN fraud	2023-04-03 13:08:01
attack	SSH break in attempt ...	2020-08-11 12:58:25
attackbotsspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-15 03:05:02

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51
65.49.20.81	proxy	VPN	2022-12-27 13:51:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.124.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121401 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 03:04:58 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 124.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 124.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.230.125.35	attackspambots	B: zzZZzz blocked content access	2020-03-03 09:46:29
61.5.45.22	attack	Honeypot attack, port: 81, PTR: ppp-jhr-b.telkom.net.id.	2020-03-03 10:02:00
49.88.112.116	attackspambots	Mar 3 02:39:12 localhost sshd\[28440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Mar 3 02:39:14 localhost sshd\[28440\]: Failed password for root from 49.88.112.116 port 61277 ssh2 Mar 3 02:39:17 localhost sshd\[28440\]: Failed password for root from 49.88.112.116 port 61277 ssh2	2020-03-03 09:43:13
78.187.133.51	attackbots	Honeypot attack, port: 81, PTR: 78.187.133.51.dynamic.ttnet.com.tr.	2020-03-03 09:35:22
94.70.162.40	attackbotsspam	Unauthorized connection attempt detected from IP address 94.70.162.40 to port 23 [J]	2020-03-03 10:00:40
128.199.223.220	attackspambots	IMAP	2020-03-03 09:50:26
222.186.52.86	attackspambots	Mar 2 17:42:10 ny01 sshd[27865]: Failed password for root from 222.186.52.86 port 64474 ssh2 Mar 2 17:43:23 ny01 sshd[28333]: Failed password for root from 222.186.52.86 port 44790 ssh2	2020-03-03 09:35:53
188.166.159.148	attackbots	Mar 3 01:30:38 ArkNodeAT sshd\[24366\]: Invalid user centos from 188.166.159.148 Mar 3 01:30:38 ArkNodeAT sshd\[24366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.159.148 Mar 3 01:30:40 ArkNodeAT sshd\[24366\]: Failed password for invalid user centos from 188.166.159.148 port 40878 ssh2	2020-03-03 09:30:14
190.151.105.182	attackbots	Mar 2 20:39:32 plusreed sshd[1691]: Invalid user zym from 190.151.105.182 ...	2020-03-03 09:42:03
24.20.244.45	attackbotsspam	Mar 2 15:35:29 tdfoods sshd\[7207\]: Invalid user gameserver from 24.20.244.45 Mar 2 15:35:29 tdfoods sshd\[7207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-24-20-244-45.hsd1.or.comcast.net Mar 2 15:35:31 tdfoods sshd\[7207\]: Failed password for invalid user gameserver from 24.20.244.45 port 51366 ssh2 Mar 2 15:45:00 tdfoods sshd\[7919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-24-20-244-45.hsd1.or.comcast.net user=root Mar 2 15:45:01 tdfoods sshd\[7919\]: Failed password for root from 24.20.244.45 port 32848 ssh2	2020-03-03 09:53:42
88.204.128.238	attackspam	1583186368 - 03/02/2020 22:59:28 Host: 88.204.128.238/88.204.128.238 Port: 445 TCP Blocked	2020-03-03 09:41:21
193.26.21.5	attackbotsspam	TCP Port Scanning	2020-03-03 09:45:06
222.186.180.130	attack	Mar 3 02:28:57 vps691689 sshd[28894]: Failed password for root from 222.186.180.130 port 19330 ssh2 Mar 3 02:28:58 vps691689 sshd[28894]: Failed password for root from 222.186.180.130 port 19330 ssh2 Mar 3 02:29:00 vps691689 sshd[28894]: Failed password for root from 222.186.180.130 port 19330 ssh2 ...	2020-03-03 09:33:21
59.127.147.110	attack	Unauthorized connection attempt detected from IP address 59.127.147.110 to port 4567 [J]	2020-03-03 09:37:50
187.18.110.31	attackspambots	Honeypot attack, port: 81, PTR: r239-pw-combate.ibys.com.br.	2020-03-03 09:42:23

Recently Reported IPs

105.34.89.86	41.30.46.176	31.181.202.77	65.234.242.42
69.93.93.3	64.199.232.129	194.28.86.219	57.39.52.13
14.226.152.234	233.241.165.165	156.205.208.30	149.56.28.2
228.90.203.47	68.92.2.42	118.92.113.198	47.140.198.17
96.216.17.94	225.220.213.136	253.83.41.110	184.163.136.153